Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
281 8 重要
Adjacent 		デル PowerFlex Manager デルのPowerFlex Managerにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-35067 2026-06-24 09:59 2026-06-17 Show GitHub Exploit DB Packet Storm
282 5.7 警告
Adjacent 		デル PowerFlex Manager デルのPowerFlex ManagerにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-35068 2026-06-24 09:59 2026-06-17 Show GitHub Exploit DB Packet Storm
283 8 重要
Adjacent 		デル PowerFlex Manager デルのPowerFlex ManagerにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-35069 2026-06-24 09:59 2026-06-17 Show GitHub Exploit DB Packet Storm
284 6.5 警告
Network 		デル PowerFlex Manager デルのPowerFlex Managerにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-35162 2026-06-24 09:59 2026-06-17 Show GitHub Exploit DB Packet Storm
285 4.8 警告
Network 		デル PowerFlex Manager デルのPowerFlex Managerにおける暗号アルゴリズムの使用に関する脆弱性 CWE-327
不完全、または危険な暗号アルゴリズムの使用 		CVE-2026-40641 2026-06-24 09:59 2026-06-17 Show GitHub Exploit DB Packet Storm
286 8.8 重要
Network 		Eclipse Foundation Theia Eclipse FoundationのTheiaにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-44688 2026-06-24 09:59 2026-06-18 Show GitHub Exploit DB Packet Storm
287 8.8 重要
Network 		Eclipse Foundation Theia Eclipse FoundationのTheiaにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-44691 2026-06-24 09:59 2026-06-18 Show GitHub Exploit DB Packet Storm
288 8.8 重要
Network 		Eclipse Foundation Theia Eclipse FoundationのTheiaにおける信頼できない制御領域からの機能の組み込みに関する脆弱性 CWE-829
信頼性のない制御領域からの機能の組み込み 		CVE-2026-46580 2026-06-24 09:59 2026-06-18 Show GitHub Exploit DB Packet Storm
289 8.1 重要
Adjacent 		デル PowerFlex Manager デルのPowerFlex Managerにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-49502 2026-06-24 09:59 2026-06-17 Show GitHub Exploit DB Packet Storm
290 6.1 警告
Network 		Astro Astro Astroにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-50146 2026-06-24 09:59 2026-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191581 7.5 HIGH
Network 		huawei magic_ui
emui
harmonyos 		There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. NVD-CWE-noinfo
CVE-2021-37113 2024-11-21 15:14 2022-01-4 Show GitHub Exploit DB Packet Storm
191582 5.3 MEDIUM
Network 		huawei harmonyos Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak. CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2021-37112 2024-11-21 15:14 2022-01-4 Show GitHub Exploit DB Packet Storm
191583 7.5 HIGH
Network 		huawei magic_ui
emui
harmonyos 		There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion. CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2021-37111 2024-11-21 15:14 2022-01-4 Show GitHub Exploit DB Packet Storm
191584 7.5 HIGH
Network 		huawei magic_ui
emui
harmonyos 		There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. NVD-CWE-noinfo
CVE-2021-37110 2024-11-21 15:14 2022-01-4 Show GitHub Exploit DB Packet Storm
191585 7.5 HIGH
Network 		huawei harmonyos Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash. NVD-CWE-noinfo
CVE-2021-37098 2024-11-21 15:14 2022-01-4 Show GitHub Exploit DB Packet Storm
191586 4.2 MEDIUM
Physics 		encsecurity datavault ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation (without knowledge of the key). This is called ciphertext malleability. There is … CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2021-36751 2024-11-21 15:14 2022-01-3 Show GitHub Exploit DB Packet Storm
191587 8.8 HIGH
Network 		ciphercoin contact_form_7_database_addon Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.5.9). CWE-352
 Origin Validation Error 		CVE-2021-36886 2024-11-21 15:14 2021-12-23 Show GitHub Exploit DB Packet Storm
191588 6.1 MEDIUM
Network 		ciphercoin contact_form_7_database_addon Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1). CWE-79
Cross-site Scripting 		CVE-2021-36885 2024-11-21 15:14 2021-12-23 Show GitHub Exploit DB Packet Storm
191589 8.1 HIGH
Network 		zendesk
sandisk 		enc_vaultapi
enc_datavault
secureaccess 		ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names… CWE-307
mproper Restriction of Excessive Authentication Attempts 		CVE-2021-36750 2024-11-21 15:14 2021-12-22 Show GitHub Exploit DB Packet Storm
191590 4.8 MEDIUM
Network 		tarteaucitron.js_-_cookies_legislation_\&_gdpr_project tarteaucitron.js_-_cookies_legislation_\&_gdpr Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.6). CWE-79
Cross-site Scripting 		CVE-2021-36889 2024-11-21 15:14 2021-12-21 Show GitHub Exploit DB Packet Storm